Write script that configures `zulip` SAML to use `authentik`

[pirate]

When all the containers first come up, there are in an empty clean slate state.

Please write a script that creates whatever config files & db records are needed to point Zulip to Authentik for authentication.

The script should live in either zulip/bin/link_to_authentik.sh or authentik/bin/link_to_zulip or both, whatever you think is best. The script should take the following inputs as environment variables:

• COMPANY_NAME=SelfHostYourTech
• COMPANY_DOMAIN=selfhostyour.tech
• ADMIN_USERNAME=admin
• ADMIN_PASSWORD=<random if not provided>

It should programatically perform the steps described here on the Zulip side and the Authentik side:

• https://zulip.readthedocs.io/en/latest/production/authentication-methods.html#saml
• https://docs.goauthentik.io/docs/add-secure-apps/providers/saml/

You can write directly to the apps data in ./<appname>/data/..., you can use their REST/RPC APIs, you can add config by writing to .env in the app dirs, the only thing the script cant do is require the user to click around in any UIs.

---

Subtasks

• Make sure ./authentik/docker-compose.yml works to spin up a fresh empty autentik server
• Make sure ./zulip/docker-compose.yml works to spin up a fresh empty Zulip server
• Make sure you can access the REST APIs / endpoints / filesystems of both as needed to automate the setup process

[MiltonLn]

TODOs:

Authentik

• Generate the .env file for Authentik and create true and secure secret keys.
• Create external network with a script before running Authentik docker-compose: docker network create traefik-public